Posted
by
timothy
on Tuesday June 19, 2012 @12:17PM
from the sell-to-high-bidders-model-taken dept.

First time accepted submitter at.drinian writes "Last week, we heard about the many applications for new top-level domains that have been put forth by various businesses and organizations. ICANN, of course, has come under heavy criticism for its process. If you didn't have the accumulated baggage of 30 years of DNS, how would you redesign things? .public and .private TLDs only? No TLD control? Country-level domains?"

These disparate groups may never communicate, but if you divide the network in any place, geographic or not, you are going to end up with a border somewhere. Across this border, it will be impossible to exchange a hyperlink with the expectation that it consistently identifies a single resource.

The trouble is(unless you abandon this 'inter-network' nonsense entirely) you can either have a single point of stupidity with URLs that are at least unique, or you can have multiple points of stupidity, with URLs that need an additional field to specify which domain name hierarchy you are speaking relative to(ie. since foo.com could resolve in multiple different ways depending on the nameserver you talk to, you'd basically have to specify "foo.com(DNS_ORG bar)" to have a meaningful URL).

After all, there isn't anything stopping you from having your very own DNS system, on any scale(and, indeed, most decent-size internal DNS servers have a mixture of private hostnames and assorted lies about public hostnames, for various convenience and security purposes), except for the fact that being able to treat URLs as unique is pretty convenient...

If memory serves, there were a bunch of alt-root DNS outfits during the.com days that tried to get people to install their nameservers so that they could peddle various ghastly TLDs that hadn't made it through ICANN(Now ICANN is ready to rubber-stamp those same TLDs, progress!); but they never got enough adoption to be of much use.

You nailed it in pointing out that the current TLD system is already a "point of stupidity."
The point of having different TLD's would be to allow otherwise identical URL's to be usefully differentiated by a TLD. In practice, this is very rarely the case. Most domain owners do not want otherwise identical domains at other TLD's, so they feel they need to register their domain at a bunch of TLD's and forward them. The nearly ubiquitous need to do this among major websites demonstrates that the whole idea is flawed. Most of the public only knows about ".com" and basically think that means "on the internet." Only a few geeks are even aware of what the TLD system was intended to accomplish.

The best answer to the TLD problem is to abandon it - grandfather it out. Stop adding new ones. They should do this by making the final period a non-special signifier in addresses. Anyone can pick anything they want and put any number of periods in their address they want. Every current address would still be unique and valid. But you can register new addresses with no TLD, just use whatever non-owned string makes the most sense for you. If you like TLD's and actually think they're useful, nothing's stopping you from registering new sites with a period followed by the three letters of any current TLD or any new one you want to make up. The process of handing out new addresses with no TLD fairly - you know, like "http://www.google," or "http://sex" would be a bit messy, but grandfathering out official TLD's would be the best system for the future internet.

This will never happen though, because there's too much money in selling new imaginary property with every new TLD they roll out. The majority of that money is not coming from people looking to take advantage of a new useful identifier, but from people looking to defend their identifier from others in the new domain - revealing the whole problem with the TLD sytem.

Seems a little dubious. Phishing would certainly become an even bigger problem.

Domains also provide a really good way of pointing to resources whos location may change. I'd hate to feel tied to a host for my minecraft server because everyone has my IP bookmarked. Those web devs would also bitch about all their links to my site breaking.. Businesses who rely on links from other pages would again, be tied to a host forever. Not to mention search engines, while a lot faster on the update cycle then in the past

A lot depends on whether the address has to be human-readable. For example, you could have an alternate system where sites are addressed by a public key hash, and you could ask numerous independent name-servers for any IP address signed by a key with that hash. But typing in 64-character hex strings to connect to Google or your bank would be troublesome, to say the least.

A lot depends on whether the address has to be human-readable. For example, you could have an alternate system where sites are addressed by a public key hash, and you could ask numerous independent name-servers for any IP address signed by a key with that hash. But typing in 64-character hex strings to connect to Google or your bank would be troublesome, to say the least.

That sounds so great. Then we'll just have to add some sort of networked naming system so people could type in something human readable and find some response that identifies the service and where to find it. It should probably provide the same names to everyone, so people can tell each other about names and get to those neat things, but we'll have to have some way to distribute that load and cache it close to the user. And, maybe instead of that extra useless overhead of some hash of... well, what the hell are you making that hash from anyway?... we could use a really big number, like a 64bit integer (*cough* ipv6 *cough*). Maybe we could just re-purpose this DNS thing to find those big numbers? It sounds like that could do exactly what you want.

Remind me again what is "broken"? If you can't name what's broken, then you're just coming up with solutions looking for a problem. DNS works, and works very well.

The "problem" with DNS is the artificial global scarcity of human-desirable strings, the inevitable IP claims on strings used within DNS names, and national jurisdiction and revocation of those names from use under stupid legislation. None of those are technical issues, they're all social & political.

I'd just have the national TLDs, like.us,.ca,.ru and so on, and maybe add a handful of continental TLDs, like.eu,.na,.sa,.af,.as. and finally,.un. Drop.com,.org and.net. Then, if there are international organizations, give them the.un ext

It's not fair at all - the highest payer wins! The current ICANN process for new gTLDs specifies that duplicate TLD applications first go to a "bargaining" process to see if the applicants can work out how to share the TLD. If that fails, the TLD goes to auction.

Why not just have those TLDs resolve within the us, but require.gov.us to resolve outside the us? Likewise Australia could have.edu resolve to educational institutions within the country but require.edu.au outside. Of course that breaks the universality of the link, but the same could be said for phone numbers... once you leave the nation you need to tack on additional numbers to get to the same phone number. Internally the site would have to reference itself as the fully qualified name, of course.

It would be nice if hostnames resolved "backwards" than they do today - just like the Java package naming scheme: org.apache.project.class

Just like local DNS resolvers "search" a certain namespace for non-fully-qualified hostnames by appending the domain name as a suffix, TLD then domain name would be applied as a prefix. Fully qualified hostnames would be prefixed with a "." instead of suffixed.

Each nation gets a full-name TLD and a long list of aliases in every language including short variations. I will not expect the world to type a nation TLD in a foreign language. Also, it is case insensitive.

Actually, since complications are being ignored, I'd make DNS use @TLD which just means that new URLs would stand out from old ones and email checks will have to grow up. If you want to own

Along the lines of the international card catalog library system with a maximum of three or four cross-references. This way a search could be something approximating exhaustive. Presently there are millions of hits on narrow searches and most of them reference JC Penneys.

I keep getting spam for coupons for JC Penneys but I have no idea what one is, whether or not I'd want one, or what I'd do with it. Is it big? Like, will it fit on a shelf or do I need to gut out the tractor shed?

Even Google isn't much help since googling for it just ends up with millions of sites offering coupons for JC Penneys but no real information on what they are.

One TLD for each country to do what they like with plus something like NameCoin but with way higher costs for registering domains under some anarchy TLD.Throw in a TLD for companies over some big size and another for non-profits over a certain size.

The top level should be managed by some international body and be operationally independently of all governments.

Each country should run a DNS service for the top level which should be globally accessible.

This assumes the inevitability and longevity of the concept of the nation-state, which has only been around a couple hundred years and is arguably (anthropologically speaking) not at all inevitable as a social entity.

Ultimately, would you just give out TLDs for whatever social entity you chose to recognize as some sort of homogenous group? How arbitrary are you prepared to be?

That seems to me to be the ultimate problem with TLDs. They are always already arbitrary. Just leave them so instead of imagining the

I would drop the whole TLD concept in a heartbeat. It just adds one more thing to remember that means very little anymore, and opens people up to confusion (wait, Whitehouse.com is a porn site!?!).

Seriously, what does it accomplish? The categories are so broad that they're nearly useless as an organizing tool, especially since many companies buy up the "lesser" TLDs for their domain just to prevent confusion. People don't organize domain names in a hierarchy like they did with Usenet groups, so appending a category label to each seems rather silly.

Country code TLDs are a symptom, not a feature. They come about because local governments want to exert their own control over some aspect of the internet, but really the whole point of the internet is to transcend borders and unite people in a single global network, even if that is a threat to entrenched interests.

Yes, but on the other hand, by dropping TLDs, you're diminishing the number of possible combinations. You want to get the "example.com" domain, but it's taken. Well, you can try "example.org" or "example.net", or even "example.me" or "example.ws". I'd imagine that removing TLDs would actually exacerbate the domain-squatting problem by diminishing the number of possible domains, thereby driving up the value of any decent domain name. You might think that selling off new TLDs has created a land-grab, but

Country code TLDs are a symptom, not a feature. They come about because local governments want to exert their own control over some aspect of the internet, but really the whole point of the internet is to transcend borders and unite people in a single global network, even if that is a threat to entrenched interests.

I always thought of it as a delegation thing which is really convenient for the users of that country. I can pay in my local currency for a local domain name and deal with a local company, rather than having to deal with dollar exchange rates and US based companies which may have vastly different business hours. It also means that things like trademark disputes can be handled locally, rather than one having to deal with US laws. It's also in the interest of said governments to keep money local (for local on

That is : the problem of finding a device (say: server, virtual server, coffee maker, whatever) without having to enter an arbitrary number of digits.DNS is essentially context-free and centralized.

I would make an OS a lot less dependent on DNS actually functioning, require such a service to be secure (but oh, how to manage the keys?) and make it easier to plug in local address books of references, and easier to transfer such between computers. (perhaps something like zeroconf)

The counter trick is how to keep this from being hijacked to any great degree. Minimize harm.

Expunge all "field of interest" TLDs like.com,.gov,.net,.pr0n, and all the recent spammy TLDsTLD by legal jurisdiction the domain is registered under. Country codes only, I suppose.Underneath the country codes its fair game for each NIC.I would "strongly encourage" the country NICs to not screw around with social engineering goals.

I would suspect you'd end up with multi-national corps registering a zillion domains in each country they buy or sell. So what. Cost of doing business.

I would only have a couple non-UN recognized as country domain names, for example, ".un" seems like a nice place to put the UN and maybe root DNS operators should have a.root TLD solely to host their own coordination related stuff.

But how things worked in the beginning worked very well, every country gets a TLD and multinational organizations (commercial, non-profit etc.) also get their TLD and it worked well because that were the capabilities of the day.

If you could completely overhaul it, I would keep the current TLD's for backwards compatibility and then add a range of local TLD's (.local,.lan,...) and some simple "custom" TLD (.custom) which browsers could implement to auto-append on any non-TLD'ed and non-local domain. Let someone else worry about the.custom subdomains. This would clean things up on the root resolvers and move the problem to someone who is interested in expanding the TLD space.

On the other hand, I would also keep the servers free from outside influence by having a distributed root system and a requirement/mechanism for any resolver to regularly check whether your closest resolver is being truthful to you. If they're not being truthful (eg. ICE or DHS meddling with the records), that IP loses points on the distributed trust list and administrators could configure what trust level they will accept (larger ISP's may want a high threshold of trust while smaller systems that can't afford or don't have enough traffic to warrant the multiple checks keep it lower).

I'd rather type in www.blah or ftp.blah instead of having to remember if it's blah.com, blah.co.uk etc.The TLD indicating if the site is commercial, organization or a network stopped being accurate once they allowed anyone to get.net,.org or.com domains.Country-code TLDs have been subverted, with sites like bit.ly using other country's TLDs than the country they're based out of..gov/.edu seem to still have integrity, yet it's generally obvious what such an institution is given its name.

The main reason for TLDs to exist is so that different organizations around the world can manage their own little slice of the DNS system. Considering how much this is being abused (or about to be) with governments mandating DNS blocks, this suggests a peer-to-peer solution would be superior, or something managed by a central authority not beholden to any government which has the health of the internet as its primary concern (like the EFF).

One of the best approaches was to create a TLD for each of the major categories one can get a trademark in. For example, airlines, shipping lines, etc. Then one could have Olympic.Airlines, Olympic.Shipping and so on, without the current problems of the Olympic Organizing Committee getting all the "Olympic"s in the world.

One of my papers on the subject was D. Collier-Brown, On Experimental Top Level Domains, Rev 0, Internet Draft, draft-collier-brown-itld-exper-00.txt, Sept 1996, which may still be findable. Much of the other work seems to have been expunged...

Numerous approaches were debated by the international ad-hoc committee on domain names, but the most profitable to the registrars "won", leading to the current mess. In retrospect, we needed a stringently fair, non-commercial process to make the decision.

Some say appending ".com" denotes that it's a web address. Well, Twitter solved similar problems with just one character rather than four: @ for people, # for tags. If we could rewrite history and didn't need to distinguish between government and non-government sites (due to the Internet having grown out of the government), domain names should have adopted a similar magical special character.

That's not the intention. The "com" TLD is supposed to be for commercial business, the "net" TLD for networking services (ISPs and such), and the "org" TLD for non-profits and such. Then there's "gov" for government addresses and "edu" for educational addresses. Admittedly, people often don't stick to this scheme.

However, they also don't really use "com" for websites either. Most people and businesses get a single domain and use it for all of their services-- websites, email, or anything. Also, people

1. Make domain name registrations non-transferable. That would eliminate the parasites who squat on domains.

2. Make a rule that if you have a domain in one TLD, you can't have the same domain in another TLD. That would eliminate corporate squatting of every single variation of a common word or phrase that they want to own.

1. What prevents the squatter from maintaining control of the domain and "renting" it to someone else?

2. So if I want to use my company's.com for our publicly accessible services and our.net for networking infrastructure, I can't? But if I want company.com and corporate.net, I'm okay? Seems like an arbitrary restriction that's trivial to get around, but still annoying.

1. In general, companies don't want to rent perpetually from a sleazebag, and sleazebags don't want to deal with regular billing.

2. It may be arbitrary, but consider how many domains are squatted by companies that don't use them. The way trademark law works, if two companies have trademarks on "Foo", they ought to be able to have "foo.biz" and "foo.com". The way it works right now, more often than not one of the companies has registered "foo.*" even though they aren't using anything but foo.com.

I would have a few "international" domains like the existing.int,.eu, and.un, and a country-like domains for organizations that already had country-codes issued to them by the U.N. or a similar organization.

I would then deprecate all other top-level domains like.com,.org,.mil,.edu, etc. and the like, with a decade-long timetable before they are removed. Current registrations would get a free ".com.us," ".org.us," etc. registration during the transition period. After the transition period,.org,.com, etc. would become invalid and the United States would be free to impose the same restrictions on "legacy".com.us,.org.us, etc. domains as it imposes on "non-legacy" domains in the same namespace. For example, a year from now it might require that non-legacy domains in.us have a bona fide real-world presence in the United States or its possessions, but it could not impose this on "legacy" domains during the transition period.

It would be up to other countries as to how to govern their own namespaces.

It would remove the global politics from name registration. The questions of "who gets to control TLDs,: "who gets to control.COM," etc. will be gone, replaced by local/national politics within the various countries' respective CC-type TLDs.

I forgot to mention,.int,.eu,.un, etc. domains would be restricted to official or NGO-type services. Under this system, they could not host privately-controlled domains like acme.com.eu. To the extend that they do now,

I've done a lot of DNS server work at the code/protocol level, and a lot of serious thinking about the DNS over the years. My take is basically this:

1) The traditional generic TLDs (com/net/org) make a certain amount of sense, especially in the modern world for multi-national interests. Arguably we should be more strict about policies for net (network operators and infrastructure, not random companies) and org (actual non-profit organizations).

2) The ccTLDs also make a ton of sense, keep those.

3) The DNS is meant to be hierarchical. Not just in terms of server lookup hierarchy, but in the sense of informational hierarchy for humans to understand. It's like Area Codes and Country Codes, it has to make sense..pizza and.pepsi completely break the hierarchy, they're horrible sins committed in the name of the DNS cabal making a quick buck. A lot of people should be tossed in jail for this stupid idea.

4) The protocol and RFCs need serious re-work. I won't repeat all the analysis others have done over the years, except perhaps to point you at DJB's cr.yp.to DNS rants, most of which are valid. CNAMEs, the way PTR was handled, the ridiculously stupid compression scheme - all examples of shoddy design, at least in hindsight. All of the early RFCs and implementors also made the huge mistake of muddling up what should be very separate concepts: First there's the 3-way mixup of: DNS the conceptual distributed database, DNS the protocol, and DNS file formats that are private to server implementations. Then there's also the grand mixup of server roles: local non-recursive cache, recursive cache for a network of private clients, public recursive caches and forwarders, and finally true authoritative servers. It was the fact that BIND was the de-facto implementation and routinely mixed all of these roles by default that lead to the mess, and lead to tons of security problems over the years.

5) Security. DNSSEC, which sadly has a lot of traction now, is a complete joke. A proposal more akin to DJB's DNSCurve would be *much* better. The problem with DNSCurve was that it required really ugly NS-record hostnames in order to seamlessly integrate with the existing broken DNS design as smoothly as possible. A proposal combining DNSCurve's actual security mechanisms with simple KEY records would suffice, but needs backing form the DNS Cabal in the IETF, which are already deeply monetarily entrenched in selling DNSSEC to enterprises and governments.

It's really not hard at all to design a replacement for DNS that's better in every way. I've done it at least 20 times lying in bed dreaming, and a few times in practice with real code just for fun. The problem is that the current system is entrenched and nobody's willing to take on the job of getting everyone switched over to a new system, if it's even possible. You'd need to support both protocols in everything for a period of a decade or two, and nobody wants to because the current system just barely continues to function and offers some really clunky, faulty security in the latest update.

It just makes more sense. every other part of the URL is in order order of greatest to least significance. If the url was written with an IP address, the entire thing would be in order of greatest to least significance.

Yes, I know that this is not the question asked. But its what I would do.

They should be using.gov.us and.mil.us just like everybody on the planet.

I'd have.com,.org for international corporations and organizations (with checks in place to make sure they are what they claim to be, no pepsi.org or whatever) and country codes (restricted to citizens, corporations and organizations of the country in question, so no Tuvalu using.tv for television crap). Registering a domain on an international TLD would preclude the same entity from regist

No matter you choose to organize the name space, it won't actually be organized that way unless you enforce the rules. If that means that it costs $1000 to register a new name then so be it. This isn't something that should happen very often. Domain registration should be done with care and thought not processed in bulk.

Personally, I think that the new vanity top level domains are more or less just a big money grab by ICANN. They don't solve the problem of domain exhaustion, and they simply create a larger number of domains that big companies need to aquire to protect their brand image.

IMO,.com,.org, and.net made a lot of sense back when we were validating that the company applying was actually registered as a business, a non profit org, or a network provider. These days, with no validation, it makes no sense at all. I'

This didn't start out long. I apologize that it is. If you're easily bored by history I would recommendreading the first and last paragraphs:)

History:IP addresses being converted to names has existed for almost 40 years. It started as a file(hosts.txt) that users all over the ARPANet could download nightly. Usually they all did so atthe same time (midnight, local time) and invariably DDN-NIC (the host with the FTP serverand the file) was overloaded.

In time, it became reasonable to decentralize it. DNS was formed. Paul Mockapetris and manyother intelligent people put great thought into it. DDN-NIC became NIC.DDN.MIL. BRL-AOSbecaome AOS.BRL.MIL and so on. DNS servers became ubiquitous, the DNS root serverswere great, and Rodney Mcdaniel (hostmaster@nic.ddn.mil) and SRI International did a greatjob running things.

In time, it became reasonable to decentralize _that_. Many root servers run by many independentcompanies (like Paul Vixie's ISC) exist all over the world. The DNS hierarchy was detached fromthe ARPAnet (except for pointer records... still all in.ARPA...) and country-codes were adopted.

Now I say 'adopted' because the process of creating a new TLD or gTLD or ccTLD isn't complex.It's a line in a file. However, the process of getting said line APPROVED by the powers that beis more complicated.

The ICANN Age:ICANN was created to [whatever the reason, Karl Auerbach has shown they have clearly goneoutside their mandate and powers] and now they want money. How do you make money whenyou're clearly chartered to do ONE THING? You figure out how to create more Blue Sky.

So here we are. The final part of the decentralization. Why final? Because in the beginningwe started with a one-level name: DDN-NIC. Then we went to the hierarchy "tree" model:nic.ddn.mil. And now, we are finally changing the hierarchy so the root of the tree is thefather to THOUSANDS of TLDs.

You can argue if it's good or bad. I just look at the history... and know the original problem...and the reason for the solution... and the solution.

My Opinion:A rooted tree with thousands of children each having thousands of children is an abomination.I shudder to think that the DNS server (named or djdns or whatever you use) already usea relatively "large" cache. The size of this cache at a minimum is a function of the structureof the DNS tree. A 1000x1000 (TLD+SLD) tree already starts at a million entries. Each onegets at least an SOA record, which is over half a kilobyte. Add in some NS records and maybesome MXs and now you have 500MBytes+... just to initialize the cache. Icky poo.

I suppose the evil we know (ICANN) is better than the ITU running the Internet and addingtermination charges for packets. Settlement-free-peering, euro-jerks.

FYI I have sold domain names for profit. One previous poster suggests we "prevent" [prohibit?criminalize?] domain name transfers. Please note that ARIN [another made up body but onethat adds a lot of value unlike ICANN] prohibits IP address transfers, loans, or sales, exceptin specific cases of business mergers where the new entity can show it is worthy of the IPaddress space. This has not IN ANY WAY diminished the sale, loan, or transfer of IP addressranges. I regularly get offers for the space I'm responsible for. When there's a buyer and aseller... there's a market. My point being -- to get back to domain names -- so long as there'sa buyer and a seller, domain names WILL transfer. The simplest example I can think of is toregister each domain name under a new LLC. Sure, it's $7 for the domain name and $20for the LLC... but you can then sell the LLC to anyone without it being a domain name transfer.There are other methods.

Conclusion:ICANN is an abomination and they've done nothing to help the Internet. In every "decision"they've mana

Don't you just hate it when solutions are simple. Just get rid of all the root servers. Let anyone with enough DNS brains run their own root server. Let there be a free market for which root server is used. ISPs will provide a default root server to their customers, who can simply just change to another if they wish.

Oh, I hear a complaint already... it will fragment the internet. But that's the whole idea. It keeps the UN and governments from taking over.

1 if you register %base%.com then you automatically get a "soft register" for.net and.org (and the same for every combo thereof with any adjustments needed for nonUS entities). If later on somebody wants a domain that is soft registered they can If they also setup someway to redirect traffic to the other(s) in the set.

2 When you create some sort of entity (business or social) if your entity name is NOT already registered then you get priority for that domain AND IF IT IS REGISTERED YOU CAN BUY THE DOMAIN AT THE REGISTRARS COST.

3 anyone found registering "spoof" domains or otherwise trying to do a domain attack should be banned from registering any domains (and lose any domains they currently have).

Seeing how com, net and org all lost their meanings in the end, I think we'd be better off with just one general TLD and country specific TLDs to be run as each country wishes. Possible exception for some sort of "trusted" TLD as well, to be issued only to certified organizations.

1. Change the URL spec to something like "Protocol:(port)//Top.domain.subdomain....) so "http://shashdot.org" would be "http://org.slashdot" or if you used a nonstandard port it would be "http:8080//org.slashdot" and if you owned org.slashdot you would be free to make as many sub domains as would fit in a URL.

2. Make URL's Unicode strings so they are usable across as many languages as possible.

3. Fix the DNS protocol to include some way to validate that the information you get actually comes from the registered owner of the domain in question. Also provide a means to flush the domain table cache before the TTL expires, by making servers that cache register with the source.

4. Assign standard TLD's (say for each country) to local authorities. Additional top level domains (say "slashdot") are allowed as well, but in order to be available as a domain the local authority must allow it (and can possibly require local payment for local access.)

2. Make URL's Unicode strings so they are usable across as many languages as possible.

You probably mean UTF-8, I'm assuming, not UCS-2 or UTF-16 or UTF-32 or UTF-EBCDIC.
It sounds nice but I'm a bit worried the spoofers would love it, too.. see Armenian codepoint U+057D and U+0585 for example.

Agreed. Pretty much any site of any size registers.com,.org, and.net. There's no meaning to the hierarchy anymore, so just flatten it. Instead of registering slashdot.org, slashdot.net, and slashdot.com, just register slashdot.

Or you could open up the top level domain registry, and register '.slashdot' as a TLD. The end result is the same.

I've always supported both. Easy to set up on the DNS server, as it is just a list there, and I believe different prefixes can be directed to different ports, as well (and you can redirect at the router, so it is a way to proxy).

I still don't really like TLDs... they should be optional and then ditch.com and make it the default, but that is what most browsers do already, so if you just type slashdot into your browser, you go to www.slashdot.com, which redirects to slashdot.org.

The latter interests me: I'd love to read clueful arguments *for* the www prefix. Never saw any so far, and plenty of sites seem to have no use for it.

It's not a "prefix", it's a host name (essentially). If you grew up before HTTP became the transport and browsers did everything, you'd remember names like "ftp.foo.com" and using programs other than a web browser to get information.

Even now, you see things like "secure.foo.com", "store.foo.com", and "support.foo.com", so I think having "www" as a separate host name makes a lot of sense, even if an HTTP request for "foo.com" redirects there.

There's lots of stuff connected to the internet that isn't HTTP. The www nomenclature makes sense in that respect. And there's absolutely nothing stopping a system admin from also making domain.com point to a web server - in fact, doing so is pretty common these days.

The issue here is that a company name is only unique for a given location.

Even within the same countries, nothing prevents two firms in nearby locations to be using the exact same name and doing the exact same or nearly the exact same thing, until one of the two trademarks its name. So, who gets to use the domain name?